[Samba] Samba ADS-member-server: FQDNs in /etc/hosts

Stefan G. Weichinger lists at xunil.at
Thu Jul 13 05:39:40 UTC 2017

Am 2017-07-12 um 14:34 schrieb Rowland Penny:

> 4) Rowland scratches head and wonders 'how the hell is that
> happening ?' ;-)
> This is happening on the machine connected to, not on the machine
> connecting.
> Please post the smb.conf from 'server'
> if there is a 'user.map' mentioned in smb.conf, please post this.

was there, pointed to empty file. disabled that now

workgroup = BUERO
realm = secret.AT
netbios name = SERVER

security = ADS
map to guest = Bad User
#username map = /etc/samba/smbusers

dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes

winbind trusted domains only = no
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes

# Use settings from AD for login shell and home directory
winbind nss info = template
template shell = /bin/bash
template homedir = /mnt/samba/Daten/%U

map untrusted to domain = Yes

# Default idmap config used for BUILTIN and local accounts/groups
idmap config *:backend = tdb
idmap config *:range = 2000-9999

# idmap config for domain BUERO
idmap config BUERO:backend = rid
idmap config BUERO:range = 10000-99999

load printers = no
printing = bsd
printcap name = /dev/null

# turn off roaming profiles
logon path = ""
logon home = ""

hosts allow = localhost 192.168.16. 172.32.99.

log level = 3

> check if 'Administrator' is in /etc/passwd

no, it is not

> Run 'getent passwd secretuser1'
> Run 'getent passwd Administrator'
> You should get output from the first, but nothing from the second.

I get both:

root at pre01svdeb01:/etc/samba# getent passwd secretuser1

root at pre01svdeb01:/etc/samba# getent passwd Administrator

- thanks, good morning

More information about the samba mailing list